Re: [PATCH v6 42/76] x86/sev-es: Setup early #VC handler

From: Juergen Gross
Date: Mon Sep 06 2021 - 01:27:49 EST


On 04.09.21 11:39, Lai Jiangshan wrote:
@@ -363,6 +370,33 @@ SYM_CODE_START_LOCAL(early_idt_handler_common)
jmp restore_regs_and_return_to_kernel
SYM_CODE_END(early_idt_handler_common)

+#ifdef CONFIG_AMD_MEM_ENCRYPT
+/*
+ * VC Exception handler used during very early boot. The
+ * early_idt_handler_array can't be used because it returns via the
+ * paravirtualized INTERRUPT_RETURN and pv-ops don't work that early.

Hello Joerg, Juergen

The commit ae755b5a4548 ("x86/paravirt: Switch iret pvops to ALTERNATIVE")
( https://lore.kernel.org/lkml/20210311142319.4723-12-jgross@xxxxxxxx/ )
had been merged and the paravirt_iret is deferenced based via %rip.

Can INTERRUPT_RETURN still be a problem if early_idt_handler_array
is used instead for bringup IDT?

Even before my patch the dereferencing was done via %rip.

I vaguely remember having discussed the pvops usage with Joerg when he
wrote the SEV support. I'm not sure why pvops shouldn't have worked, but
I'm sure its usage makes no sense at all, as long as we don't have SEV
support for Xen PV guests.


Juergen

Attachment: OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature